On 2014-12-19 13:35:06 +0100 (+0100), Dr. Jens Rosenboom wrote: [...] > While github.com claim to have patched their servers, people using > other repos may want to be extra cautious.
Please re-read that advisory. GitHub's _servers_ were not affected as this is a client-side vulnerability. What GitHub did was release fixed versions of their "GitHub for Windows" and "GitHub for Mac" _client_ tools. That said, people using Git (and apparently Mercurial?) clients on non-case-sensitive filesystems (that's mainly Windows and Mac, not typical Linux/BSD) are at risk if they haven't upgraded their client applications accordingly.  https://github.com/blog/1938-vulnerability-announced-update-your-git-clients  http://www.openwall.com/lists/oss-security/2014/12/19/1 -- Jeremy Stanley _______________________________________________ OpenStack-dev mailing list OpenStackemail@example.com http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev